Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.mft
File: XX2xSVjPTXheWe9cbGefjvVMHYs.mft (raw, json)
Hash identifier: SSjm10GoIiCjTCwVqgH4oVOWzFxpnJhN7VcGnT9IH/I=
Subject key identifier: 57:95:2D:49:14:60:3E:F9:A9:77:6E:F2:C0:29:DD:CF:54:39:B2:51
Authority key identifier: 5D:7D:B1:49:58:CF:4D:78:5E:59:EF:5C:6C:67:9F:8E:F5:4C:1D:8B
Certificate issuer: /CN=5d7db14958cf4d785e59ef5c6c679f8ef54c1d8b
Certificate serial: 019D996274A6C1ED8E4DAE3C93EB300A87EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XX2xSVjPTXheWe9cbGefjvVMHYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.mft
Manifest number: 08A9
Signing time: Fri 17 Apr 2026 03:00:59 +0000
Manifest this update: Fri 17 Apr 2026 03:00:59 +0000
Manifest next update: Sat 18 Apr 2026 03:00:59 +0000
Files and hashes: 1: XX2xSVjPTXheWe9cbGefjvVMHYs.crl (hash: ddnQWE2rrP1MzFef0vD/fVkMcxIX5O0saviJOyoR/Nw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.mft
rsync://rpki.ripe.net/repository/DEFAULT/XX2xSVjPTXheWe9cbGefjvVMHYs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:99:62:74:a6:c1:ed:8e:4d:ae:3c:93:eb:30:0a:87:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d7db14958cf4d785e59ef5c6c679f8ef54c1d8b
Validity
Not Before: Apr 17 03:00:59 2026 GMT
Not After : Apr 18 03:00:59 2026 GMT
Subject: CN=57952d4914603ef9a9776ef2c029ddcf5439b251
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:1b:c2:fa:fb:5f:95:e7:d8:60:1f:7b:64:78:
37:f8:f3:10:95:9c:14:6d:65:24:f0:d1:e7:ff:6d:
05:76:e1:aa:0e:2f:1b:8c:76:f1:a7:de:14:6e:0a:
30:2e:b7:5e:60:ce:fa:39:63:78:da:81:dc:f2:8a:
db:36:2e:fa:c4:fb:6c:a6:79:1e:db:23:21:60:3a:
59:27:a6:6f:62:ff:0b:87:68:76:cc:b2:b0:e3:31:
c8:6b:21:16:7d:85:00:f2:ed:fc:a6:de:b5:3b:f6:
3a:40:ac:8f:09:d5:68:6c:8a:49:01:44:23:c7:23:
f1:0e:7f:24:de:cc:c1:54:ef:92:4d:c0:f5:81:22:
2e:15:68:46:7c:bb:aa:f1:d6:c6:12:9b:6f:1f:15:
ca:55:2c:d5:b0:02:09:05:96:44:c0:01:74:6c:1f:
16:6b:7f:8c:cb:e3:3c:a8:7d:a3:80:18:70:6d:1e:
25:ca:98:14:99:34:69:7c:27:27:57:9a:54:44:df:
39:82:6c:90:c0:4a:c9:63:34:a4:62:bc:7d:50:35:
08:1c:23:3f:e3:4a:9d:5e:62:cc:7c:d4:d0:9d:d8:
33:d4:83:3d:97:5b:b4:94:df:b1:23:4c:ff:a5:5c:
e4:d4:2a:ac:31:4c:ff:33:a4:d2:f9:83:71:46:69:
1c:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:95:2D:49:14:60:3E:F9:A9:77:6E:F2:C0:29:DD:CF:54:39:B2:51
X509v3 Authority Key Identifier:
keyid:5D:7D:B1:49:58:CF:4D:78:5E:59:EF:5C:6C:67:9F:8E:F5:4C:1D:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XX2xSVjPTXheWe9cbGefjvVMHYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
68:ab:b9:5a:ea:c9:4b:15:81:90:43:96:4f:cb:bc:0a:84:00:
db:b0:5b:71:85:c3:14:ed:37:ac:d7:26:0c:e4:f1:64:05:61:
bd:9e:63:a9:f1:aa:49:a0:74:5f:cd:3f:41:46:9c:7c:d4:40:
9a:e4:fe:c8:cb:c2:ee:b0:5d:cd:14:c3:48:b2:1e:ca:9f:8f:
04:25:1c:33:07:f0:89:57:66:d8:a7:6d:da:82:87:13:6a:4a:
00:95:a8:ea:e3:48:de:63:72:3b:5f:18:90:28:8d:52:b6:e6:
08:df:4e:53:3a:6a:ee:e4:ff:7a:59:47:fb:7c:ba:52:dd:06:
4c:8f:9a:fd:40:0a:bf:73:cd:dd:0b:72:c5:9b:46:ee:5d:0a:
57:4a:65:6c:d2:4e:ac:18:67:68:fd:33:fc:5d:f8:55:2f:ff:
c5:55:6b:34:33:37:4c:13:62:ab:c2:a2:90:90:3d:26:a1:28:
21:05:5a:1f:11:f7:9c:06:d4:98:4e:97:6f:8c:92:ea:a7:60:
43:30:97:65:7c:df:24:a8:a6:dd:fc:83:2f:d4:45:07:48:e5:
10:b8:87:96:d4:54:7c:b8:17:87:49:bb:87:69:93:6e:6e:36:
4f:49:1a:9b:74:31:5a:77:3f:ca:69:e0:ce:68:e1:05:42:cd:
4c:bc:d4:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZYnSmwe2OTa48k+swCofsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkN2RiMTQ5NThjZjRkNzg1ZTU5ZWY1YzZjNjc5ZjhlZjU0
YzFkOGIwHhcNMjYwNDE3MDMwMDU5WhcNMjYwNDE4MDMwMDU5WjAzMTEwLwYDVQQD
Eyg1Nzk1MmQ0OTE0NjAzZWY5YTk3NzZlZjJjMDI5ZGRjZjU0MzliMjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0hvC+vtflefYYB97ZHg3+PMQlZwU
bWUk8NHn/20FduGqDi8bjHbxp94UbgowLrdeYM76OWN42oHc8orbNi76xPtspnke
2yMhYDpZJ6ZvYv8Lh2h2zLKw4zHIayEWfYUA8u38pt61O/Y6QKyPCdVobIpJAUQj
xyPxDn8k3szBVO+STcD1gSIuFWhGfLuq8dbGEptvHxXKVSzVsAIJBZZEwAF0bB8W
a3+My+M8qH2jgBhwbR4lypgUmTRpfCcnV5pURN85gmyQwErJYzSkYrx9UDUIHCM/
40qdXmLMfNTQndgz1IM9l1u0lN+xI0z/pVzk1CqsMUz/M6TS+YNxRmkctQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFeVLUkUYD75qXdu8sAp3c9UObJRMB8GA1UdIwQY
MBaAFF19sUlYz014XlnvXGxnn471TB2LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFgyeFNWalBUWGhlV2U5Y2JHZWZqdlZNSFlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yMTdlOTctNmIyYy00YTVkLTkxNWIt
OTQ5YzYyOGU1ZjNjLzEvWFgyeFNWalBUWGhlV2U5Y2JHZWZqdlZNSFlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8yMTdlOTctNmIyYy00YTVkLTkxNWItOTQ5YzYyOGU1ZjNj
LzEvWFgyeFNWalBUWGhlV2U5Y2JHZWZqdlZNSFlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaKu5WurJ
SxWBkEOWT8u8CoQA27BbcYXDFO03rNcmDOTxZAVhvZ5jqfGqSaB0X80/QUacfNRA
muT+yMvC7rBdzRTDSLIeyp+PBCUcMwfwiVdm2Kdt2oKHE2pKAJWo6uNI3mNyO18Y
kCiNUrbmCN9OUzpq7uT/ellH+3y6Ut0GTI+a/UAKv3PN3QtyxZtG7l0KV0plbNJO
rBhnaP0z/F34VS//xVVrNDM3TBNiq8KikJA9JqEoIQVaHxH3nAbUmE6Xb4yS6qdg
QzCXZXzfJKim3fyDL9RFB0jlELiHltRUfLgXh0m7h2mTbm42T0kam3QxWnc/ymng
zmjhBULNTLzUlA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 04:51:01 2026 by rpki-client